Standard CIP-001-2a— Sabotage Reporting
A. Introduction
1.
Title:
Sabotage Reporting
2.
Number:
CIP-001-2a
3.
Purpose:
Disturbances or unusual occurrences, suspected or determined to be caused by
sabotage, shall be reported to the appropriate systems, governmental agencies, and regulatory
bodies.
4.
Applicability
4.1. Reliability Coordinators.
4.2. Balancing Authorities.
4.3. Transmission Operators.
4.4. Generator Operators.
4.5. Load Serving Entities.
4.6. Transmission Owners (only in ERCOT Region).
4.7. Generator Owners (only in ERCOT Region).
5.
ERCOT Regional Variance will be effective the first day of
the first calendar quarter after applicable regulatory approval.
Effective Date:
B. Requirements
R1.
Each Reliability Coordinator, Balancing Authority, Transmission Operator, Generator
Operator, and Load Serving Entity shall have procedures for the recognition of and for making
their operating personnel aware of sabotage events on its facilities and multi-site sabotage
affecting larger portions of the Interconnection.
R2.
Each Reliability Coordinator, Balancing Authority, Transmission Operator, Generator
Operator, and Load Serving Entity shall have procedures for the communication of information
concerning sabotage events to appropriate parties in the Interconnection.
R3.
Each Reliability Coordinator, Balancing Authority, Transmission Operator, Generator
Operator, and Load Serving Entity shall provide its operating personnel with sabotage response
guidelines, including personnel to contact, for reporting disturbances due to sabotage events.
R4.
Each Reliability Coordinator, Balancing Authority, Transmission Operator, Generator
Operator, and Load Serving Entity shall establish communications contacts, as applicable, with
local Federal Bureau of Investigation (FBI) or Royal Canadian Mounted Police (RCMP)
officials and develop reporting procedures as appropriate to their circumstances.
C. Measures
M1. Each Reliability Coordinator, Balancing Authority, Transmission Operator, Generator
Operator, and Load Serving Entity shall have and provide upon request a procedure (either
electronic or hard copy) as defined in Requirement 1
M2. Each Reliability Coordinator, Balancing Authority, Transmission Operator, Generator
Operator, and Load Serving Entity shall have and provide upon request the procedures or
guidelines that will be used to confirm that it meets Requirements 2 and 3.
Page 1 of 6
Standard CIP-001-2a— Sabotage Reporting
M3. Each Reliability Coordinator, Balancing Authority, Transmission Operator, Generator
Operator, and Load Serving Entity shall have and provide upon request evidence that could
include, but is not limited to procedures, policies, a letter of understanding, communication
records, or other equivalent evidence that will be used to confirm that it has established
communications contacts with the applicable, local FBI or RCMP officials to communicate
sabotage events (Requirement 4).
D. Compliance
1.
Compliance Monitoring Process
1.1. Compliance Monitoring Responsibility
Regional Reliability Organizations shall be responsible for compliance monitoring.
1.2. Compliance Monitoring and Reset Time Frame
One or more of the following methods will be used to verify compliance:
-
Self-certification (Conducted annually with submission according to schedule.)
-
Spot Check Audits (Conducted anytime with up to 30 days notice given to prepare.)
-
Periodic Audit (Conducted once every three years according to schedule.)
-
Triggered Investigations (Notification of an investigation must be made within 60
days of an event or complaint of noncompliance. The entity will have up to 30 days
to prepare for the investigation. An entity may request an extension of the
preparation period and the extension will be considered by the Compliance Monitor
on a case-by-case basis.)
The Performance-Reset Period shall be 12 months from the last finding of noncompliance.
1.3. Data Retention
Each Reliability Coordinator, Transmission Operator, Generator Operator, Distribution
Provider, and Load Serving Entity shall have current, in-force documents available as
evidence of compliance as specified in each of the Measures.
If an entity is found non-compliant the entity shall keep information related to the noncompliance until found compliant or for two years plus the current year, whichever is
longer.
Evidence used as part of a triggered investigation shall be retained by the entity being
investigated for one year from the date that the investigation is closed, as determined by
the Compliance Monitor,
The Compliance Monitor shall keep the last periodic audit report and all requested and
submitted subsequent compliance records.
1.4. Additional Compliance Information
None.
2.
Levels of Non-Compliance:
2.1. Level 1: There shall be a separate Level 1 non-compliance, for every one of the
following requirements that is in violation:
2.1.1
Does not have procedures for the recognition of and for making its operating
personnel aware of sabotage events (R1).
Page 2 of 6
Standard CIP-001-2a— Sabotage Reporting
2.1.2
Does not have procedures or guidelines for the communication of information
concerning sabotage events to appropriate parties in the Interconnection (R2).
2.1.3
Has not established communications contacts, as specified in R4.
2.2. Level 2: Not applicable.
2.3. Level 3: Has not provided its operating personnel with sabotage response procedures or
guidelines (R3).
2.4. Level 4:.Not applicable.
E. ERCOT Interconnection-wide Regional Variance
Requirements
EA.1. Each Reliability Coordinator, Balancing Authority, Transmission Owner,
Transmission Operator, Generator Owner, Generator Operator, and Load Serving
Entity shall have procedures for the recognition of and for making their operating
personnel aware of sabotage events on its facilities and multi-site sabotage affecting
larger portions of the Interconnection.
EA.2. Each Reliability Coordinator, Balancing Authority, Transmission Owner,
Transmission Operator, Generator Owner, Generator Operator, and Load Serving
Entity shall have procedures for the communication of information concerning
sabotage events to appropriate parties in the Interconnection.
EA.3. Each Reliability Coordinator, Balancing Authority, Transmission Owner,
Transmission Operator, Generator Owner, Generator Operator, and Load Serving
Entity shall provide its operating personnel with sabotage response guidelines,
including personnel to contact, for reporting disturbances due to sabotage events.
EA.4. Each Reliability Coordinator, Balancing Authority, Transmission Owner,
Transmission Operator, Generator Owner, Generator Operator, and Load Serving
Entity shall establish communications contacts with local Federal Bureau of
Investigation (FBI) officials and develop reporting procedures as appropriate to their
circumstances.
Measures
M.A.1. Each Reliability Coordinator, Balancing Authority, Transmission Owner,
Transmission Operator, Generator Owner, Generator Operator, and Load Serving
Entity shall have and provide upon request a procedure (either electronic or hard
copy) as defined in Requirement EA1.
M.A.2. Each Reliability Coordinator, Balancing Authority, Transmission Owner,
Transmission Operator, Generator Owner, Generator Operator, and Load Serving
Entity shall have and provide upon request the procedures or guidelines that will be
used to confirm that it meets Requirements EA2 and EA3.
M.A.3. Each Reliability Coordinator, Balancing Authority, Transmission Owner,
Transmission Operator, Generator Owner, Generator Operator, and Load Serving
Entity shall have and provide upon request evidence that could include, but is not
limited to, procedures, policies, a letter of understanding, communication records,
Page 3 of 6
Standard CIP-001-2a— Sabotage Reporting
or other equivalent evidence that will be used to confirm that it has established
communications contacts with the local FBI officials to communicate sabotage
events (Requirement EA4).
Compliance
1. Compliance Monitoring Process
1.1. Compliance Enforcement Authority
Regional Entity shall be responsible for compliance monitoring.
1.2. Data Retention
Each Reliability Coordinator, Balancing Authority, Transmission Owner,
Transmission Operator, Generator Owner, Generator Operator, and Load Serving
Entity shall have current, in-force documents available as evidence of compliance
as specified in each of the Measures.
If an entity is found non-compliant the entity shall keep information related to the
non-compliance until found compliant or for two years plus the current year,
whichever is longer.
Evidence used as part of a triggered investigation shall be retained by the entity
being investigated for one year from the date that the investigation is closed, as
determined by the Compliance Monitor,
The Compliance Monitor shall keep the last periodic audit report and all requested
and submitted subsequent compliance records.
Version History
Version
Date
Action
Change Tracking
0
April 1, 2005
Effective Date
New
0
August 8, 2005
Removed “Proposed” from Effective Date
Errata
1
November 1, 2006
Adopted by Board of Trustees
Amended
1
April 4, 2007
Regulatory Approval — Effective Date
New
1a
February 16, 2010
Added Appendix 1 — Interpretation of R2
approved by the NERC Board of Trustees
Addition
1a
February 2, 2011
Interpretation of R2 approved by FERC on
February 2, 2011
Same addition
June 10, 2010
TRE regional ballot approved variance
By Texas RE
August 24, 2010
Regional Variance Approved by Texas RE
Board of Directors
February 16, 2011
Approved by NERC Board of Trustees
2a
Page 4 of 6
Standard CIP-001-2a— Sabotage Reporting
2a
August 2, 2011
FERC Order issued approving Texas RE
Regional Variance
Page 5 of 6
Standard CIP-001-2a— Sabotage Reporting
Appendix 1
Requirement Number and Text of Requirement
CIP-001-1:
R2. Each Reliability Coordinator, Balancing Authority, Transmission Operator, Generator
Operator, and Load Serving Entity shall have procedures for the communication of information
concerning sabotage events to appropriate parties in the Interconnection.
Question
Please clarify what is meant by the term, “appropriate parties.” Moreover, who within the Interconnection
hierarchy deems parties to be appropriate?
Response
The drafting team interprets the phrase “appropriate parties in the Interconnection” to refer collectively to
entities with whom the reporting party has responsibilities and/or obligations for the communication of
physical or cyber security event information. For example, reporting responsibilities result from NERC
standards IRO-001 Reliability Coordination — Responsibilities and Authorities, COM-002-2
Communication and Coordination, and TOP-001 Reliability Responsibilities and Authorities, among
others. Obligations to report could also result from agreements, processes, or procedures with other
parties, such as may be found in operating agreements and interconnection agreements.
The drafting team asserts that those entities to which communicating sabotage events is appropriate would
be identified by the reporting entity and documented within the procedure required in CIP-001-1
Requirement R2.
Regarding “who within the Interconnection hierarchy deems parties to be appropriate,” the drafting team
knows of no interconnection authority that has such a role.
Page 6 of 6
* FOR INFORMATIONAL PURPOSES ONLY *
Effective Date of Standard: CIP-001-2a — Sabotage Reporting
null
Standard
Requirement
Effective Date of
Standard
Phased In
Inactive Date
Implementation
Date (if
applicable)
This standard has not yet been approved by the applicable regulatory authority.
Printed On: June 15, 2017, 07:00 PM